Home / os / winme

Desh Universal SQL Injection

Posted on 30 November -0001

<HTML><HEAD><TITLE>Desh Universal SQL Injection</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>Exploit Title : Desh Universal SQL Injection Google Dork : intext:"Design & Development by Desh Universal (Pvt.)" Google Dork2 : Use Your Mind Pls ! Date : 17/01/2017 Exploit Author : Houssem_Rx Vendor Homepage : http://deshuniversal.com/ Tested on : Kali Linux ## Vulnerability : ## 1. Description An attacker can exploit this vulnerability to read from the database. - HTTP Method : GET 2. SQL Injection / Proof of Concept: Vulnerable Parametre: All Parametres are Vulnerable. http://localhost/[PATH]/messages?messageid=[SQL] 3. DEMO : http://www.dcgpsc.edu.bd/all-staff.php?id=2' [SQL INJECTION VULNERABILITY] # Discovered by : Houssem_Rx</BODY></HTML>

 

TOP